Lead Threat Intelligence Analyst

Make banking a Fifth Third better®

We connect great people to great opportunities. Are you ready to take the next step? Discover a career in banking at Fifth Third Bank.

GENERAL FUNCTION:

As a member of the Information Security discipline, this role is responsible for assisting in the evaluation and development of systems security across the enterprise with an emphasis on understanding, detecting, responding and preventing cyber incidents.  They will actively monitor & review threat data from various sources and assess cyber intelligence to support in-depth analysis of various threats.  This position requires technical expertise and knowledge of security practices, procedures, and capabilities to perform non-repetitive, analytical work.

Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. Accountable for always doing the right thing for customers and colleagues, and ensures that actions and behaviors drive a positive customer experience. While operating within the Bank’s risk appetite, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Conduct thorough analysis of cyber threats, vulnerabilities, and attack vectors to identify potential risks to the organization.
• Collaborate with the incident response team to investigate and respond to security incidents, providing actionable intelligence and recommendations.
• Understand the capabilities of our detection & prevention systems. Work closely with the detection engineering team to help prioritize, enable, and improve detection capability.
• Collect, analyze, and disseminate threat intelligence from various sources to support proactive threat hunting and risk mitigation efforts. Ensure intelligence is shared with internal partners across lines of business to enhance overall security posture.
• Prepare reports and briefings on threat intelligence findings for senior management and stakeholders.
• Work closely with cross-functional teams, including IT, legal, and compliance, to ensure comprehensive threat management. Collaborate in-depth daily with the detection and response team. Build external relationships to improve intelligence sources and collection.
• Promotes activities to foster information security awareness throughout the organization.
• Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. 
• Accountable for always doing the right thing for customers and colleagues, and ensures that actions and behaviors drive a positive customer experience. 
• While operating within the Bank’s risk appetite, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.
• Serves as an Information Security Subject Matter Expert (SME) by maintaining knowledge of industry recognized security technologies and concepts; actively engages and assists lines of business to understand their needs and develop secure business solutions.
• Help assess, implement, and manage security related systems, processes and tools.
• Remains knowledgeable of changes in security technology, industry practices, and state and federal regulatory requirements; provides technical assistance to IT staff in the detection and resolution of security problems.
• Performs other duties as assigned.

MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:

• Bachelor’s Degree in Computer Science, Information Systems, or other related field, or other relevant experience.
• 6 to 8 years of experience with the analysis/investigation and containment of potential data breaches or cyber security incidents.
• Scripting/Coding experience - Python, Regex, Yara as examples
• Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
• Knowledge of malware families, botnets, threats by sector, and various attack campaigns and attacker methods, tools/techniques/practices
• Knowledge of cloud technologies including O365
• Common security controls is required including; authentication, encryption, IDS, WAFs, firewalls, HIPS, EDR, EPP, etc.
• Proficient in both Linux and Windows operating systems.
• Understanding of application protocols
• Strong analytical, tactical and critical thinking ability.
• Ability to handle multiple competing priorities in a fast-paced environment.
• Ability to communicate effectively across multiple levels
• Preferred CISSP, GIAC, or other relevant certification

#LI-BW1

Fifth Third Bank, National Association is proud to have an engaged and inclusive culture and to promote and ensure equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.